1. /
  2. Confident Insights Newsletter/
  3. How Safe Is Small Business Data?

How Safe Is Small Business Data?

December 8, 2008


Rubicon Consulting surveys computing decision makers at small and medium-size businesses across the U.S. to determine how effectively they protect their data and whether their data protection practices have kept pace with data growth
In a small or mid-sized business, where money and staff time are at a premium, it may seem that there is always something more pressing to do than to work on backups.
Although the majority of small or mid-sized businesses have some form of backup solution in place, these solutions are often time-consuming to operate, are inconsistently used, or offer insufficient protection from disasters such as fires and floods. Many businesses lack the staff time and expertise to commit to managing a comprehensive backup strategy. Still others have had a solution in place for years, but that solution is costly, out of date, or both.
Given these challenges, how well protected is the data of small and medium-sized companies? How do those businesses back up their information, and are they doing enough to protect the company against loss? Are their data protection practices keeping pace with the growth of their data?
To answer these questions, Symantec commissioned Rubicon Consulting to conduct an independent survey of computing decision makers at several hundred small and mid-sized US businesses to determine how effectively they protect their data and whether their backup practices have kept pace with the growth of their data.

Data loss concerns

The majority of small and medium-size businesses surveyed in the study expressed concern about potential data loss. In fact, companies list backup strategy as their No. 2 computing priority. What’s more, the survey reveals that many SMBs continue to rely on manual backup strategies that leave their data vulnerable to human error, breaches, theft, or natural disasters. Consequently, about half of the SMBs surveyed admit experiencing significant rates of data loss. In addition, one-third revealed that they lost sales or a customer as a result of data loss.
One of the interesting trends observed is that mid-sized companies suffer data loss in more diverse ways than small businesses. As companies grow, their environments become larger and more complex. Backup practices that protect a very small company adequately may no longer be sufficient as that company grows. For example, manual backup practices, or, entrusting regular PC backup to employee discretion may become more difficult to enforce as a company grows.
When it comes to the impact of data loss and the backup practices of many SMBs, the Rubicon survey identifies several key trends:
  • Causes for data loss are varied – hardware failure is the most common cause of data loss among SMBs. However, in companies with more than 100 employees, human error, breaches, and theft were also factors in data loss.
  • Many SMBs lack comprehensive backup strategies – Many companies do not back up their computers fully. About a quarter of SMBs conduct no backup of their PCs, and another 13 percent do only informal backups where employees decide the frequency and which files are protected without corporate guidance. The situation is similar for servers; about 20 percent of SMBs conduct no server backup. And, among those who do backup their servers about half are backed up weekly or less often.
  • Most backups are stored on site – The majority of SMBs choose to store data backups on their premises. These local backups leave companies vulnerable to theft or disaster.
  • Only 25% of SMBs can always successfully recover data – Even among companies that perform some sort of backup, only 25% report always being able to recover lost data. And very small companies had the highest rate of permanent data loss – 15% of businesses employing one to four people say they have never been able to recover lost data.
  • Data loss can have a severe impact – 25% of the SMBs surveyed report that data loss has caused severe disruptions to their business.
  • The cost of recovering data and company size go hand in hand – Larger companies spend more money recovering from data loss incidents. Almost half of SMBs with over 100 employees say that have spent over $10,000 recovering lost data, while 50% of companies with five to 19 employees report spending $1,000 or more.
  • The speed of data recovery is critical – Regardless of size, SMBs must be able to recover important information quickly or face damage to their business. About one-quarter of midsize companies (100 – 249) report that losing access to data for even one day would cause permanent business loss.


In today's business environment, small and medium-size companies face unrelenting pressure to ensure that critical business data is protected. Yet the Rubicon study finds that while SMBs rank backup as a top computing priority many follow risky backup practices. These range from relying on manual backups to storing critical backup data in the same location as the host computers. What’s more about half of the SMBs surveyed say that they have lost data.
Online Backup services such as Symantec Online Backup can help SMBs to address these core challenges by using automation and centralized management to implement backup policies that will be followed in a consistent manner.
An online backup service can take the onus off of individual employees who are held responsible for backing up their PCs, simplifies backup of servers, and automates getting data off-site into secure, redundant datacenters.

Back to Newsletter

In This Article